Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Permission errors

https://support.nagios.com/forum/viewtopic.php?t=42409

Page 1 of 1

Permission errors

Posted: Fri Feb 10, 2017 10:28 am
by cfgriffith
So I am installing a brand new Nagios XI setup. After the installation is completed two things are happening.


First I am getting this error within Nagios:

The following configuration files have incorrect permissions:

/usr/local/nagios/etc/commands.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/contactgroups.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/contacts.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/contacttemplates.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/hostdependencies.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/hostescalations.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/hostextinfo.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/hostgroups.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/hosttemplates.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/servicedependencies.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/serviceescalations.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/serviceextinfo.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/servicegroups.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/servicetemplates.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)
/usr/local/nagios/etc/timeperiods.cfg (OWNER=root, GROUP=root, PERMS=-rw-rw-r--)

Each of these config files needs to be writable by the apache and nagios users. To fix this problem, follow these steps:

Login to your Nagios XI server via SSH as the root user
Execute the following commands:
/usr/local/nagiosxi/scripts/reset_config_perms.sh



However when I look at the directory everything seems to be set correctly (ran the script for good measure and same thing)

[root@nagios etc]# ls -al
total 172
drwsrwsr-x. 7 apache nagios 4096 Feb 9 19:12 .
drwxr-xr-x. 9 root root 94 Feb 9 19:08 ..
-rwxrwxr-x. 1 apache nagios 744 Feb 9 19:06 cgi.cfg
-rw-rw-r--. 1 apache nagios 25764 Feb 9 19:12 commands.cfg
-rw-rw-r--. 1 apache nagios 1106 Feb 9 19:12 contactgroups.cfg
-rw-rw-r--. 1 apache nagios 1437 Feb 9 19:12 contacts.cfg
-rw-rw-r--. 1 apache nagios 1675 Feb 9 19:12 contacttemplates.cfg
-rw-rw-r--. 1 apache nagios 817 Feb 9 19:12 hostdependencies.cfg
-rw-rw-r--. 1 apache nagios 819 Feb 9 19:12 hostescalations.cfg
-rw-rw-r--. 1 apache nagios 837 Feb 9 19:12 hostextinfo.cfg
-rw-rw-r--. 1 apache nagios 967 Feb 9 19:12 hostgroups.cfg
drwsrwsr-x. 2 apache nagios 27 Feb 9 19:12 hosts
-rw-rw-r--. 1 apache nagios 16082 Feb 9 19:12 hosttemplates.cfg
drwsrwsr-x. 2 apache nagios 6 Feb 9 19:12 import
-rwxrwxr-x. 1 apache nagios 5670 Feb 9 19:06 nagios.cfg
-rw-rw-r--. 1 apache nagios 2229 Feb 9 19:08 ndo2db.cfg
-rw-rw-r--. 1 apache nagios 4827 Feb 9 19:08 ndomod.cfg
-rw-rw-r--. 1 apache nagios 7988 Feb 9 19:08 nrpe.cfg
-rw-rw-r--. 1 apache nagios 5345 Feb 9 19:08 nsca.cfg
drwxrwsr-x. 4 apache nagios 246 Feb 9 19:08 pnp
-rwxrwxr-x. 1 apache nagios 210 Feb 9 19:06 resource.cfg
-rw-rw-r--. 1 apache nagios 1627 Feb 9 19:08 send_nsca.cfg
-rw-rw-r--. 1 apache nagios 823 Feb 9 19:12 servicedependencies.cfg
-rw-rw-r--. 1 apache nagios 825 Feb 9 19:12 serviceescalations.cfg
-rw-rw-r--. 1 apache nagios 843 Feb 9 19:12 serviceextinfo.cfg
-rw-rw-r--. 1 apache nagios 813 Feb 9 19:12 servicegroups.cfg
drwsrwsr-x. 2 apache nagios 27 Feb 9 19:12 services
-rw-rw-r--. 1 apache nagios 24852 Feb 9 19:12 servicetemplates.cfg
drwsrwsr-x. 2 apache nagios 68 Feb 9 19:06 static
-rw-rw-r--. 1 apache nagios 3541 Feb 9 19:12 timeperiods.cfg
[root@nagios etc]# pwd
/usr/local/nagios/etc
[root@nagios etc]#


I have also tried opening / editing the files from both the nagios user and the apache user (temporarily enabled bash) and both worked.



Second issue: We are getting this message every 5 minutes.

Cron <root@nagios> LANG=C LC_ALL=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lib/mrtg/mrtg.lock --confcache-file /var/lib/mrtg/mrtg.ok
2017-02-09 15:55:01: ERROR: Creating templock /var/lib/mrtg/mrtg.lock_19678: Permission denied at /usr/bin/mrtg line 1961.

What am I doing wrong

Re: Permission errors

Posted: Fri Feb 10, 2017 11:13 am
by rkennedy
I'm spinning up a fresh machine to test with - what OS and version are you running? What version of XI did you attempt to install?

Was this a clean minimal machine before installing?

When you mention " (temporarily enabled bash) and both worked. " what are you referring to? Just trying to make sure I can replicate this properly on my end.

Re: Permission errors

Posted: Fri Feb 10, 2017 11:15 am
by dwhitfield
Additionally, for the second issue, you may have an old version of mrtg.

If the output of LANG=C LC_ALL=C /usr/bin/mrtg is anything other than version 2.17.4 you should upgrade it by running /tmp/nagiosxi/subcomponents/mrtg/upgrade. If you already have 2.17.4 or the upgrade does not resolve the issue, please either email [email protected] or open a different thread for the mrtg issue.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited